diff options
author | Wladimir J. van der Laan <laanwj@gmail.com> | 2014-10-20 11:25:54 +0200 |
---|---|---|
committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2014-10-20 11:36:40 +0200 |
commit | 64ffc995d685cf8a53ef868572e835ce42269ec6 (patch) | |
tree | 379c2207b7818d2d4b2359fbf6bf2fb48f98f164 /src/qt | |
parent | 84d13eef883769451ba9f77b56d9738d24474d5c (diff) | |
parent | d4746d56c0c45b8721da36bc19b2bdaba5d7d094 (diff) |
Merge pull request #5095
d4746d5 Add a SECURE style flag for ThreadSafeMessageBox, which indicates that the message contains sensitive information. This keeps the message from being output to the debug log by bitcoind. Fixes a possible security risk when starting bitcoind in server mode without the 'rpcpassword' option configured, resulting in the "suggested" password being output to the debug log. (Mark Friedenbach)
Diffstat (limited to 'src/qt')
-rw-r--r-- | src/qt/bitcoingui.cpp | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/qt/bitcoingui.cpp b/src/qt/bitcoingui.cpp index 8a945606dc..9d6d07a56b 100644 --- a/src/qt/bitcoingui.cpp +++ b/src/qt/bitcoingui.cpp @@ -992,6 +992,9 @@ void BitcoinGUI::showProgress(const QString &title, int nProgress) static bool ThreadSafeMessageBox(BitcoinGUI *gui, const std::string& message, const std::string& caption, unsigned int style) { bool modal = (style & CClientUIInterface::MODAL); + // The SECURE flag has no effect in the Qt GUI. + // bool secure = (style & CClientUIInterface::SECURE); + style &= ~CClientUIInterface::SECURE; bool ret = false; // In case of modal message, use blocking connection to wait for user to click a button QMetaObject::invokeMethod(gui, "message", |